General
-
Target
Shipment Document BL,INV and packing list.jpg.exe
-
Size
313KB
-
Sample
231115-jhh2tsff51
-
MD5
e344bda7899df6fb9d12560254d07a13
-
SHA1
5d3e07d0d41fd3e16d4f9cde32362120e5f2c8a2
-
SHA256
cf33cf1b99aec2e58ebff495b327734f9d444884af6846ea086c210bd4ee2623
-
SHA512
dc6a4fecfd1b4ab873c3ef5d150e2b3c48f891535a989832b16841db652e664b31f111f05f6cd02f7313e9e72bdd963d603796bb570c0297bda93954f97d8275
-
SSDEEP
6144:wBlL/9pMUHq5ivHw521qti+5WmKasPxo9Rge/LAx9EUEgno9TF0KB:C/+UHq5mSDBK3a9GY8EUFnQF/B
Static task
static1
Behavioral task
behavioral1
Sample
Shipment Document BL,INV and packing list.jpg.exe
Resource
win7-20231023-en
Malware Config
Extracted
formbook
4.1
fs35
Targets
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-